feat!(mcp-adapters): add authProvider for oauth, fix header passing #8239
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BREAKING_CHANGE: Drops the `useNodeEventSource` flag and stops passing an empty eventSourceInit object to Streamable HTTP and SSE transport constructors. If there continues to be header passing issues as a result of the way `SSEClientTransport` and `StreamableHTTPClientTransport` handle EventSource initialization, the correct fix will be to PR a change to the MCP SDK that changes how headers are populated on EventSource initialization. fixes #8196 fixes #8194
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Skipped Deployment
|
dosubot
bot
added
the
size:L
dosubot
bot
added
size:XXL
There was a problem hiding this comment.
Pull Request Overview
This PR introduces OAuth 2.0 support by replacing the useNodeEventSource flag with an authProvider option and updates header passing and error messaging for both Streamable HTTP and SSE transports. Key changes include:
- Removing the useNodeEventSource flag and replacing it with authProvider in the transport schemas and client functions.
- Updating error messages to specifically handle authentication failures.
- Enhancing documentation and test coverage to demonstrate OAuth integration and header management.
Reviewed Changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| libs/langchain-mcp-adapters/vitest.setup.ts | Removed the file that mocks node:crypto, suggesting tests now use real implementations or other mocks. |
| libs/langchain-mcp-adapters/vitest.config.ts | Updated configuration formatting (double-quoted strings) without functional changes. |
| libs/langchain-mcp-adapters/src/client.ts | Refactored transport creation to support OAuth via authProvider, updated error messaging, and adjusted reconnection options. |
| libs/langchain-mcp-adapters/tests/fixtures/dummy-stdio-server.ts | Added a dummy stdio server for integration testing. |
| libs/langchain-mcp-adapters/tests/fixtures/dummy-http-server.ts | Enhanced the dummy HTTP server to support header and authentication testing. |
| libs/langchain-mcp-adapters/tests/client.comprehensive.test.ts | Modified tests to expect updated transport configuration with authProvider support. |
| libs/langchain-mcp-adapters/README.md | Updated guides to reflect the new OAuth authentication option and removed outdated sections. |
| libs/langchain-mcp-adapters/.eslintrc.cjs | Minor ESLint config improvements using path.join for tsconfig paths. |
Comments suppressed due to low confidence (2)
libs/langchain-mcp-adapters/vitest.setup.ts:1
- Confirm that the removal of vitest.setup.ts is intentional and that any necessary mocking of node:crypto is now handled elsewhere.
Entire file removal
libs/langchain-mcp-adapters/src/client.ts:1057
- The _createNodeEventSourceTransport function now returns a StreamableHTTPClientTransport instance instead of an SSEClientTransport, which may not be intended. Consider returning an SSEClientTransport to meet the expected type for SSE connections.
return Object.keys(options).length > 0 ? new StreamableHTTPClientTransport(new URL(url), options) : new StreamableHTTPClientTransport(new URL(url));
shashimalcse
approved these changes
May 26, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BREAKING_CHANGE: Drops the
useNodeEventSourceflag and stops passing an empty eventSourceInit object to Streamable HTTP and SSE transport constructors. If there continues to be header passing issues as a result of the waySSEClientTransportandStreamableHTTPClientTransporthandle EventSource initialization, the correct fix will be to PR a change to the MCP SDK that changes how headers are populated on EventSource initialization.Also includes integration tests that validate the new behavior against actual MCP servers, and fixes to further problems surfaced by these tests related to passing headers when
authProvideris present.fixes #8196
fixes #8194